react to contact changes not being set from identity
parent
9a10382b46
commit
0648c2d0a3
@ -8,7 +8,6 @@ using Bit.Core.Services;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Bit.Core.Domains;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core;
|
||||
using System.Linq;
|
||||
|
||||
namespace Bit.Api.Controllers
|
||||
@ -20,18 +19,15 @@ namespace Bit.Api.Controllers
|
||||
private readonly IUserService _userService;
|
||||
private readonly ICipherService _cipherService;
|
||||
private readonly UserManager<User> _userManager;
|
||||
private readonly CurrentContext _currentContext;
|
||||
|
||||
public AccountsController(
|
||||
IUserService userService,
|
||||
ICipherService cipherService,
|
||||
UserManager<User> userManager,
|
||||
CurrentContext currentContext)
|
||||
UserManager<User> userManager)
|
||||
{
|
||||
_userService = userService;
|
||||
_cipherService = cipherService;
|
||||
_userManager = userManager;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
[HttpPost("register")]
|
||||
@ -63,25 +59,28 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("email-token")]
|
||||
public async Task PostEmailToken([FromBody]EmailTokenRequestModel model)
|
||||
{
|
||||
if(!await _userManager.CheckPasswordAsync(_currentContext.User, model.MasterPasswordHash))
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
if(!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
|
||||
}
|
||||
|
||||
await _userService.InitiateEmailChangeAsync(_currentContext.User, model.NewEmail);
|
||||
await _userService.InitiateEmailChangeAsync(user, model.NewEmail);
|
||||
}
|
||||
|
||||
[HttpPut("email")]
|
||||
[HttpPost("email")]
|
||||
public async Task PutEmail([FromBody]EmailRequestModel model)
|
||||
{
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
|
||||
// NOTE: It is assumed that the eventual repository call will make sure the updated
|
||||
// ciphers belong to user making this call. Therefore, no check is done here.
|
||||
var ciphers = model.Ciphers.Select(c => c.ToCipher(_userManager.GetUserId(User)));
|
||||
var ciphers = model.Ciphers.Select(c => c.ToCipher(user.Id));
|
||||
|
||||
var result = await _userService.ChangeEmailAsync(
|
||||
_currentContext.User,
|
||||
user,
|
||||
model.MasterPasswordHash,
|
||||
model.NewEmail,
|
||||
model.NewMasterPasswordHash,
|
||||
@ -106,12 +105,14 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("password")]
|
||||
public async Task PutPassword([FromBody]PasswordRequestModel model)
|
||||
{
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
|
||||
// NOTE: It is assumed that the eventual repository call will make sure the updated
|
||||
// ciphers belong to user making this call. Therefore, no check is done here.
|
||||
var ciphers = model.Ciphers.Select(c => c.ToCipher(_userManager.GetUserId(User)));
|
||||
var ciphers = model.Ciphers.Select(c => c.ToCipher(user.Id));
|
||||
|
||||
var result = await _userService.ChangePasswordAsync(
|
||||
_currentContext.User,
|
||||
user,
|
||||
model.MasterPasswordHash,
|
||||
model.NewMasterPasswordHash,
|
||||
ciphers);
|
||||
@ -134,7 +135,8 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("security-stamp")]
|
||||
public async Task PutSecurityStamp([FromBody]SecurityStampRequestModel model)
|
||||
{
|
||||
var result = await _userService.RefreshSecurityStampAsync(_currentContext.User, model.MasterPasswordHash);
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
var result = await _userService.RefreshSecurityStampAsync(user, model.MasterPasswordHash);
|
||||
if(result.Succeeded)
|
||||
{
|
||||
return;
|
||||
@ -150,9 +152,10 @@ namespace Bit.Api.Controllers
|
||||
}
|
||||
|
||||
[HttpGet("profile")]
|
||||
public ProfileResponseModel GetProfile()
|
||||
public async Task<ProfileResponseModel> GetProfile()
|
||||
{
|
||||
var response = new ProfileResponseModel(_currentContext.User);
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
var response = new ProfileResponseModel(user);
|
||||
return response;
|
||||
}
|
||||
|
||||
@ -160,14 +163,16 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("profile")]
|
||||
public async Task<ProfileResponseModel> PutProfile([FromBody]UpdateProfileRequestModel model)
|
||||
{
|
||||
await _userService.SaveUserAsync(model.ToUser(_currentContext.User));
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
|
||||
var response = new ProfileResponseModel(_currentContext.User);
|
||||
await _userService.SaveUserAsync(model.ToUser(user));
|
||||
|
||||
var response = new ProfileResponseModel(user);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpGet("revision-date")]
|
||||
public long? GetAccountRevisionDate()
|
||||
public async Task<long?> GetAccountRevisionDate()
|
||||
{
|
||||
//var userId = _userService.GetProperUserId(User);
|
||||
//long? revisionDate = null;
|
||||
@ -177,13 +182,14 @@ namespace Bit.Api.Controllers
|
||||
// revisionDate = Core.Utilities.CoreHelpers.EpocMilliseconds(date);
|
||||
//}
|
||||
|
||||
return Core.Utilities.CoreHelpers.EpocMilliseconds(_currentContext.User.AccountRevisionDate);
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
return Core.Utilities.CoreHelpers.EpocMilliseconds(user.AccountRevisionDate);
|
||||
}
|
||||
|
||||
[HttpGet("two-factor")]
|
||||
public async Task<TwoFactorResponseModel> GetTwoFactor(string masterPasswordHash, TwoFactorProviderType provider)
|
||||
{
|
||||
var user = _currentContext.User;
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
if(!await _userManager.CheckPasswordAsync(user, masterPasswordHash))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
@ -200,7 +206,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("two-factor")]
|
||||
public async Task<TwoFactorResponseModel> PutTwoFactor([FromBody]UpdateTwoFactorRequestModel model)
|
||||
{
|
||||
var user = _currentContext.User;
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
if(!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
@ -237,7 +243,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("two-factor-regenerate")]
|
||||
public async Task<TwoFactorResponseModel> PutTwoFactorRegenerate([FromBody]RegenerateTwoFactorRequestModel model)
|
||||
{
|
||||
var user = _currentContext.User;
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
if(!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
@ -263,7 +269,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("delete")]
|
||||
public async Task PostDelete([FromBody]DeleteAccountRequestModel model)
|
||||
{
|
||||
var user = _currentContext.User;
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
if(!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
|
||||
{
|
||||
ModelState.AddModelError("MasterPasswordHash", "Invalid password.");
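Review bot: None of the actions in this file checks the result of `_userService.GetUserByPrincipalAsync(User)` for null, although the new service method returns null when the principal yields no user id. `PutEmail` and `PutPassword` then evaluate `c.ToCipher(user.Id)` and `GetAccountRevisionDate` reads `user.AccountRevisionDate`, so such a request ends in a NullReferenceException and a 500 rather than an explicit rejection; how `CheckPasswordAsync` and the response-model constructors treat a null user is not visible here. A guard directly after each lookup, `if(user == null) { throw new UnauthorizedAccessException(); }` (or whichever exception the API maps to 401), keeps the failure deliberate. The same unchecked lookup appears in `AuthController.PostTokenTwoFactor` and in both `SettingsController` actions; several of these method bodies continue outside their hunks.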
|
||||
|
@ -5,7 +5,7 @@ using Bit.Core.Identity;
|
||||
using Bit.Api.Models;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core;
|
||||
using Bit.Core.Services;
|
||||
|
||||
namespace Bit.Api.Controllers
|
||||
{
|
||||
@ -14,21 +14,22 @@ namespace Bit.Api.Controllers
|
||||
public class AuthController : Controller
|
||||
{
|
||||
private readonly JwtBearerSignInManager _signInManager;
|
||||
private readonly CurrentContext _currentContext;
|
||||
private readonly IUserService _userService;
|
||||
|
||||
public AuthController(
|
||||
JwtBearerSignInManager signInManager,
|
||||
CurrentContext currentContext)
|
||||
IUserService userService)
|
||||
{
|
||||
_signInManager = signInManager;
|
||||
_currentContext = currentContext;
|
||||
_userService = userService;
|
||||
}
|
||||
|
||||
[HttpPost("token")]
|
||||
[AllowAnonymous]
|
||||
public async Task<AuthTokenResponseModel> PostToken([FromBody]AuthTokenRequestModel model)
|
||||
{
|
||||
var result = await _signInManager.PasswordSignInAsync(model.Email.ToLower(), model.MasterPasswordHash, model.Device?.ToDevice());
|
||||
var result = await _signInManager.PasswordSignInAsync(model.Email.ToLower(), model.MasterPasswordHash,
|
||||
model.Device?.ToDevice());
|
||||
if(result == JwtBearerSignInResult.Success)
|
||||
{
|
||||
return new AuthTokenResponseModel(result.Token, result.User);
|
||||
@ -46,7 +47,8 @@ namespace Bit.Api.Controllers
|
||||
[Authorize("TwoFactor")]
|
||||
public async Task<AuthTokenResponseModel> PostTokenTwoFactor([FromBody]AuthTokenTwoFactorRequestModel model)
|
||||
{
|
||||
var result = await _signInManager.TwoFactorSignInAsync(_currentContext.User, model.Provider, model.Code, model.Device?.ToDevice());
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
var result = await _signInManager.TwoFactorSignInAsync(user, model.Provider, model.Code, model.Device?.ToDevice());
|
||||
if(result == JwtBearerSignInResult.Success)
|
||||
{
|
||||
return new AuthTokenResponseModel(result.Token, result.User);
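Review bot: The re-wrapped `PasswordSignInAsync` call in `PostToken` still normalises the address with `model.Email.ToLower()`, which depends on the host's current culture; under a Turkish culture, for example, `I` does not lower-case to `i`, so the lookup key can differ from the stored one. `model.Email.ToLowerInvariant()` gives the same key on every host. `model.Email` is also dereferenced without a null check on an `[AllowAnonymous]` endpoint, so it is worth confirming that model validation rejects a missing field before this line runs; that is not visible in the hunk, and the method body continues outside it.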
|
||||
|
@ -18,22 +18,22 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
private readonly ICipherRepository _cipherRepository;
|
||||
private readonly ICipherService _cipherService;
|
||||
private readonly UserManager<User> _userManager;
|
||||
private readonly IUserService _userService;
|
||||
|
||||
public CiphersController(
|
||||
ICipherRepository cipherRepository,
|
||||
ICipherService cipherService,
|
||||
UserManager<User> userManager)
|
||||
IUserService userService)
|
||||
{
|
||||
_cipherRepository = cipherRepository;
|
||||
_cipherService = cipherService;
|
||||
_userManager = userManager;
|
||||
_userService = userService;
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<CipherResponseModel> Get(string id)
|
||||
{
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(cipher == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -45,7 +45,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpGet("")]
|
||||
public async Task<ListResponseModel<CipherResponseModel>> Get()
|
||||
{
|
||||
var ciphers = await _cipherRepository.GetManyByUserIdAsync(new Guid(_userManager.GetUserId(User)));
|
||||
var ciphers = await _cipherRepository.GetManyByUserIdAsync(_userService.GetProperUserId(User).Value);
|
||||
var responses = ciphers.Select(c => new CipherResponseModel(c));
|
||||
return new ListResponseModel<CipherResponseModel>(responses);
|
||||
}
|
||||
@ -54,15 +54,16 @@ namespace Bit.Api.Controllers
|
||||
public async Task<CipherHistoryResponseModel> Get(DateTime since)
|
||||
{
|
||||
var history = await _cipherRepository.GetManySinceRevisionDateAndUserIdWithDeleteHistoryAsync(
|
||||
since, new Guid(_userManager.GetUserId(User)));
|
||||
since, _userService.GetProperUserId(User).Value);
|
||||
return new CipherHistoryResponseModel(history.Item1, history.Item2);
|
||||
}
|
||||
|
||||
[HttpPost("import")]
|
||||
public async Task PostImport([FromBody]ImportRequestModel model)
|
||||
{
|
||||
var folderCiphers = model.Folders.Select(f => f.ToCipher(_userManager.GetUserId(User))).ToList();
|
||||
var otherCiphers = model.Logins.Select(s => s.ToCipher(_userManager.GetUserId(User))).ToList();
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var folderCiphers = model.Folders.Select(f => f.ToCipher(userId)).ToList();
|
||||
var otherCiphers = model.Logins.Select(s => s.ToCipher(userId)).ToList();
|
||||
|
||||
await _cipherService.ImportCiphersAsync(
|
||||
folderCiphers,
|
||||
@ -74,7 +75,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}/favorite")]
|
||||
public async Task Favorite(string id)
|
||||
{
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(cipher == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -89,7 +90,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}/delete")]
|
||||
public async Task Delete(string id)
|
||||
{
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(cipher == null)
|
||||
{
|
||||
throw new NotFoundException();
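Review bot: `_userService.GetProperUserId(User).Value` is now repeated in almost every action and throws InvalidOperationException when the id is absent, which reaches the client as a 500 instead of a 401. The query still fails closed, but the intent is clearer with one resolved local and an explicit check, `var userId = _userService.GetProperUserId(User);` followed by `if(!userId.HasValue) { throw new UnauthorizedAccessException(); }`. `PostImport` already hoists the id into `userId`, so the other actions can follow that shape. The same expression is used throughout the DevicesController, FoldersController and LoginsController sections.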
|
||||
|
@ -19,22 +19,22 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
private readonly IDeviceRepository _deviceRepository;
|
||||
private readonly IDeviceService _deviceService;
|
||||
private readonly UserManager<User> _userManager;
|
||||
private readonly IUserService _userService;
|
||||
|
||||
public DevicesController(
|
||||
IDeviceRepository deviceRepository,
|
||||
IDeviceService deviceService,
|
||||
UserManager<User> userManager)
|
||||
IUserService userService)
|
||||
{
|
||||
_deviceRepository = deviceRepository;
|
||||
_deviceService = deviceService;
|
||||
_userManager = userManager;
|
||||
_userService = userService;
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<DeviceResponseModel> Get(string id)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -47,7 +47,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpGet("identifier/{identifier}")]
|
||||
public async Task<DeviceResponseModel> GetByIdentifier(string identifier)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, new Guid(_userManager.GetUserId(User)));
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, _userService.GetProperUserId(User).Value);
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -60,7 +60,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpGet("")]
|
||||
public async Task<ListResponseModel<DeviceResponseModel>> Get()
|
||||
{
|
||||
ICollection<Device> devices = await _deviceRepository.GetManyByUserIdAsync(new Guid(_userManager.GetUserId(User)));
|
||||
ICollection<Device> devices = await _deviceRepository.GetManyByUserIdAsync(_userService.GetProperUserId(User).Value);
|
||||
var responses = devices.Select(d => new DeviceResponseModel(d));
|
||||
return new ListResponseModel<DeviceResponseModel>(responses);
|
||||
}
|
||||
@ -68,7 +68,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("")]
|
||||
public async Task<DeviceResponseModel> Post([FromBody]DeviceRequestModel model)
|
||||
{
|
||||
var device = model.ToDevice(_userManager.GetUserId(User));
|
||||
var device = model.ToDevice(_userService.GetProperUserId(User));
|
||||
await _deviceService.SaveAsync(device);
|
||||
|
||||
var response = new DeviceResponseModel(device);
|
||||
@ -79,7 +79,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}")]
|
||||
public async Task<DeviceResponseModel> Put(string id, [FromBody]DeviceRequestModel model)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -95,7 +95,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("identifier/{identifier}/token")]
|
||||
public async Task PutToken(string identifier, [FromBody]DeviceTokenRequestModel model)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, new Guid(_userManager.GetUserId(User)));
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, _userService.GetProperUserId(User).Value);
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -116,7 +116,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}/delete")]
|
||||
public async Task Delete(string id)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var device = await _deviceRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
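Review bot: `Post` passes `_userService.GetProperUserId(User)` to `model.ToDevice(...)` without `.Value`, unlike every other action in this file, and the `ToDevice(Guid? userId = null)` overload in the request model maps a null id to `default(Guid)`. If the id cannot be resolved, the device is handed to `_deviceService.SaveAsync` with an all-zero `UserId` instead of the request failing, unless `SaveAsync` rejects it, which is not visible here. `var device = model.ToDevice(_userService.GetProperUserId(User).Value);` or an explicit guard makes the authenticated path fail closed. The nullable default appears to exist for the anonymous sign-in call `model.Device?.ToDevice()` in AuthController and could be kept for that caller only.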
|
||||
|
@ -19,22 +19,22 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
private readonly ICipherRepository _cipherRepository;
|
||||
private readonly ICipherService _cipherService;
|
||||
private readonly UserManager<User> _userManager;
|
||||
private readonly IUserService _userService;
|
||||
|
||||
public FoldersController(
|
||||
ICipherRepository cipherRepository,
|
||||
ICipherService cipherService,
|
||||
UserManager<User> userManager)
|
||||
IUserService userService)
|
||||
{
|
||||
_cipherRepository = cipherRepository;
|
||||
_cipherService = cipherService;
|
||||
_userManager = userManager;
|
||||
_userService = userService;
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<FolderResponseModel> Get(string id)
|
||||
{
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(folder == null || folder.Type != Core.Enums.CipherType.Folder)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -46,7 +46,8 @@ namespace Bit.Api.Controllers
|
||||
[HttpGet("")]
|
||||
public async Task<ListResponseModel<FolderResponseModel>> Get()
|
||||
{
|
||||
ICollection<Cipher> folders = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Folder, new Guid(_userManager.GetUserId(User)));
|
||||
ICollection<Cipher> folders = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Folder,
|
||||
_userService.GetProperUserId(User).Value);
|
||||
var responses = folders.Select(f => new FolderResponseModel(f));
|
||||
return new ListResponseModel<FolderResponseModel>(responses);
|
||||
}
|
||||
@ -54,7 +55,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("")]
|
||||
public async Task<FolderResponseModel> Post([FromBody]FolderRequestModel model)
|
||||
{
|
||||
var folder = model.ToCipher(_userManager.GetUserId(User));
|
||||
var folder = model.ToCipher(_userService.GetProperUserId(User).Value);
|
||||
await _cipherService.SaveAsync(folder);
|
||||
return new FolderResponseModel(folder);
|
||||
}
|
||||
@ -63,7 +64,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}")]
|
||||
public async Task<FolderResponseModel> Put(string id, [FromBody]FolderRequestModel model)
|
||||
{
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(folder == null || folder.Type != Core.Enums.CipherType.Folder)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -77,7 +78,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}/delete")]
|
||||
public async Task Delete(string id)
|
||||
{
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var folder = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(folder == null || folder.Type != Core.Enums.CipherType.Folder)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
|
@ -21,22 +21,22 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
private readonly ICipherRepository _cipherRepository;
|
||||
private readonly ICipherService _cipherService;
|
||||
private readonly UserManager<User> _userManager;
|
||||
private readonly IUserService _userService;
|
||||
|
||||
public LoginsController(
|
||||
ICipherRepository cipherRepository,
|
||||
ICipherService cipherService,
|
||||
UserManager<User> userManager)
|
||||
IUserService userService)
|
||||
{
|
||||
_cipherRepository = cipherRepository;
|
||||
_cipherService = cipherService;
|
||||
_userManager = userManager;
|
||||
_userService = userService;
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<LoginResponseModel> Get(string id, string[] expand = null)
|
||||
{
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(login == null || login.Type != Core.Enums.CipherType.Login)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -51,7 +51,7 @@ namespace Bit.Api.Controllers
|
||||
public async Task<ListResponseModel<LoginResponseModel>> Get(string[] expand = null)
|
||||
{
|
||||
ICollection<Cipher> logins = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Login,
|
||||
new Guid(_userManager.GetUserId(User)));
|
||||
_userService.GetProperUserId(User).Value);
|
||||
var responses = logins.Select(s => new LoginResponseModel(s)).ToList();
|
||||
await ExpandManyAsync(logins, responses, expand, null);
|
||||
return new ListResponseModel<LoginResponseModel>(responses);
|
||||
@ -60,7 +60,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("")]
|
||||
public async Task<LoginResponseModel> Post([FromBody]LoginRequestModel model, string[] expand = null)
|
||||
{
|
||||
var login = model.ToCipher(_userManager.GetUserId(User));
|
||||
var login = model.ToCipher(_userService.GetProperUserId(User).Value);
|
||||
await _cipherService.SaveAsync(login);
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
@ -72,7 +72,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}")]
|
||||
public async Task<LoginResponseModel> Put(string id, [FromBody]LoginRequestModel model, string[] expand = null)
|
||||
{
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(login == null || login.Type != Core.Enums.CipherType.Login)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -89,7 +89,7 @@ namespace Bit.Api.Controllers
|
||||
[HttpPost("{id}/delete")]
|
||||
public async Task Delete(string id)
|
||||
{
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), new Guid(_userManager.GetUserId(User)));
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), _userService.GetProperUserId(User).Value);
|
||||
if(login == null || login.Type != Core.Enums.CipherType.Login)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
@ -129,7 +129,7 @@ namespace Bit.Api.Controllers
|
||||
if(folders == null)
|
||||
{
|
||||
folders = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Folder,
|
||||
new Guid(_userManager.GetUserId(User)));
|
||||
_userService.GetProperUserId(User).Value);
|
||||
}
|
||||
|
||||
if(folders != null && folders.Count() > 0)
|
||||
|
@ -4,7 +4,6 @@ using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Bit.Api.Models;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core;
|
||||
|
||||
namespace Bit.Api.Controllers
|
||||
{
|
||||
@ -13,30 +12,29 @@ namespace Bit.Api.Controllers
|
||||
public class SettingsController : Controller
|
||||
{
|
||||
private readonly IUserService _userService;
|
||||
private readonly CurrentContext _currentContext;
|
||||
|
||||
public SettingsController(
|
||||
IUserService userService,
|
||||
CurrentContext currentContext)
|
||||
IUserService userService)
|
||||
{
|
||||
_userService = userService;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
[HttpGet("domains")]
|
||||
public Task<DomainsResponseModel> GetDomains(bool excluded = true)
|
||||
public async Task<DomainsResponseModel> GetDomains(bool excluded = true)
|
||||
{
|
||||
var response = new DomainsResponseModel(_currentContext.User, excluded);
|
||||
return Task.FromResult(response);
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
var response = new DomainsResponseModel(user, excluded);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpPut("domains")]
|
||||
[HttpPost("domains")]
|
||||
public async Task<DomainsResponseModel> PutDomains([FromBody]UpdateDomainsRequestModel model)
|
||||
{
|
||||
await _userService.SaveUserAsync(model.ToUser(_currentContext.User));
|
||||
var user = await _userService.GetUserByPrincipalAsync(User);
|
||||
await _userService.SaveUserAsync(model.ToUser(user));
|
||||
|
||||
var response = new DomainsResponseModel(_currentContext.User);
|
||||
var response = new DomainsResponseModel(user);
|
||||
return response;
|
||||
}
|
||||
}
|
||||
|
@ -33,12 +33,12 @@ namespace Bit.Api.Models
|
||||
[StringLength(10000)]
|
||||
public string Notes { get; set; }
|
||||
|
||||
public virtual Cipher ToCipher(string userId = null)
|
||||
public virtual Cipher ToCipher(Guid userId)
|
||||
{
|
||||
var cipher = new Cipher
|
||||
{
|
||||
Id = new Guid(Id),
|
||||
UserId = new Guid(userId),
|
||||
UserId = userId,
|
||||
FolderId = string.IsNullOrWhiteSpace(FolderId) ? null : (Guid?)new Guid(FolderId),
|
||||
Type = Type
|
||||
};
|
||||
|
@ -19,11 +19,11 @@ namespace Bit.Api.Models
|
||||
[StringLength(255)]
|
||||
public string PushToken { get; set; }
|
||||
|
||||
public Device ToDevice(string userId = null)
|
||||
public Device ToDevice(Guid? userId = null)
|
||||
{
|
||||
return ToDevice(new Device
|
||||
{
|
||||
UserId = userId == null ? default(Guid) : new Guid(userId)
|
||||
UserId = userId == null ? default(Guid) : userId.Value
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -13,11 +13,11 @@ namespace Bit.Api.Models
|
||||
[StringLength(300)]
|
||||
public string Name { get; set; }
|
||||
|
||||
public Cipher ToCipher(string userId = null)
|
||||
public Cipher ToCipher(Guid userId)
|
||||
{
|
||||
return ToCipher(new Cipher
|
||||
{
|
||||
UserId = new Guid(userId)
|
||||
UserId = userId
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -28,11 +28,11 @@ namespace Bit.Api.Models
|
||||
[StringLength(10000)]
|
||||
public string Notes { get; set; }
|
||||
|
||||
public Cipher ToCipher(string userId = null)
|
||||
public Cipher ToCipher(Guid userId)
|
||||
{
|
||||
return ToCipher(new Cipher
|
||||
{
|
||||
UserId = new Guid(userId)
|
||||
UserId = userId
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -12,6 +12,7 @@ namespace Bit.Core.Services
|
||||
Guid? GetProperUserId(ClaimsPrincipal principal);
|
||||
Task<User> GetUserByIdAsync(string userId);
|
||||
Task<User> GetUserByIdAsync(Guid userId);
|
||||
Task<User> GetUserByPrincipalAsync(ClaimsPrincipal principal);
|
||||
Task<DateTime> GetAccountRevisionDateByIdAsync(Guid userId);
|
||||
Task SaveUserAsync(User user);
|
||||
Task<IdentityResult> RegisterUserAsync(User user, string masterPassword);
|
||||
|
@ -73,7 +73,7 @@ namespace Bit.Core.Services
|
||||
|
||||
public async Task<User> GetUserByIdAsync(string userId)
|
||||
{
|
||||
if(_currentContext?.User != null &&
|
||||
if(_currentContext?.User != null &&
|
||||
string.Equals(_currentContext.User.Id.ToString(), userId, StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
return _currentContext.User;
|
||||
@ -100,6 +100,17 @@ namespace Bit.Core.Services
|
||||
return _currentContext.User;
|
||||
}
|
||||
|
||||
public async Task<User> GetUserByPrincipalAsync(ClaimsPrincipal principal)
|
||||
{
|
||||
var userId = GetProperUserId(principal);
|
||||
if(!userId.HasValue)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
return await GetUserByIdAsync(userId.Value);
|
||||
}
|
||||
|
||||
public async Task<DateTime> GetAccountRevisionDateByIdAsync(Guid userId)
|
||||
{
|
||||
return await _userRepository.GetAccountRevisionDateAsync(userId);
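Review bot: `GetUserByPrincipalAsync` returns null when `GetProperUserId` finds no id, but neither this method nor the new `IUserService` member documents that, and the controllers changed in this commit use the result without checking it. An XML comment on the interface member would state the contract, e.g. `/// <returns>The user for the principal, or null when the principal carries no user id.</returns>`. Whether `GetUserByIdAsync(Guid)` can also return null for an id that no longer exists is not visible in this hunk and should be covered by the same comment if so. Separately, the context lines of `GetUserByIdAsync(string)` compare ids with `StringComparison.InvariantCultureIgnoreCase`; `StringComparison.OrdinalIgnoreCase` is the usual choice for identifiers.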
|
||||
|